8351 matches found
CVE-2022-42867
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution...
CVE-2022-42856
A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this iss...
CVE-2022-42837
An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, watchOS 9.2. A remote user may be able to cause unexpected app termination or arbitrary code executi...
CVE-2022-46700
CVE-2022-46700 corresponds to a memory corruption issue in WebKitGTK/WebKit2GTK. The vulnerability arises from processing malicious web content, potentially allowing arbitrary code execution. Public advisories (Debian DSA-5308/5309, Fedora package update, AlmaLinux advisories) indicate that WebKi...
CVE-2022-42861
CVE-2022-42861 is an Apple sandbox-escape vulnerability. The issue arises from insufficient checks that allowed an app to break out of its sandbox, as described in the CVE entry. According to the NVD entry, Apple fixed the vulnerability with improved checks, and addressed it in specific OS releas...
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. Tracked as CVE-2022-42856, the issue has been described by the tech giant as a type confusion issue in the...
PT-2022-27971 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 Description: An integer overflow issue was addressed through improved input validation, which could allow an app to break out of its sandbox...
PT-2022-27955 · Apple · Icloud For Windows +6
Name of the Vulnerable Software and Affected Versions: Apple tvOS versions prior to 16.2 Apple iCloud for Windows versions prior to 14.1 Apple macOS Ventura versions prior to 13.1 Apple iOS versions prior to 16.2 Apple iPadOS versions prior to 16.2 Apple watchOS versions prior to 9.2 Description:...
PT-2022-26636 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 Description: The issue allows an app to bypass Privacy preferences. It was addressed by removing the vulnerable code. Recommendations: For iOS...
PT-2022-21598 · Apple · Ios +3
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 Description: The issue allows a deleted photo to be re-surfaced without authentication through the shake-to-undo feature. This was addressed with...
About the security content of iOS 15.7.2 and iPadOS 15.7.2
About the security content of iOS 15.7.2 and iPadOS 15.7.2 This document describes the security content of iOS 15.7.2 and iPadOS 15.7.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
VulnCheck KEV: CVE-2022-42864
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges...
VulnCheck KEV: CVE-2023-23496
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution...
VulnCheck KEV: CVE-2022-46705
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the Apple security updates page for the following products and app...
PT-2022-26620 · Apple · Ipados +4
Name of the Vulnerable Software and Affected Versions: Apple macOS versions prior to 11.7.2 Apple macOS versions prior to 12.6.2 Apple macOS versions prior to 13.1 Apple iOS versions prior to 16.2 Apple iPadOS versions prior to 16.2 Apple tvOS versions prior to 16.2 Apple watchOS versions prior t...
PT-2022-26618 · Apple · Ios +2
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7.2 macOS versions prior to 12.6.2 macOS versions prior to 13.1 iOS versions prior to 15.7.2 iOS versions prior to 16.2 iPadOS versions prior to 15.7.2 iPadOS versions prior to 16.2 Description: The issue was...
PT-2022-21579 · Apple +4 · Ipados +7
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 16.2 iPadOS versions prior to 16.2 macOS Ventura versions prior to 13.1 Description: The issue was addressed with improved UI handling. Visiting a website that frames malicious content may lead to UI spoofing...
About the security content of iOS 16.2 and iPadOS 16.2
About the security content of iOS 16.2 and iPadOS 16.2 This document describes the security content of iOS 16.2 and iPadOS 16.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...
PT-2022-7573 · Apple +7 · Icloud For Windows +14
Name of the Vulnerable Software and Affected Versions: Safari versions prior to 16.2 tvOS versions prior to 16.2 iCloud for Windows versions prior to 14.1 macOS Ventura versions prior to 13.1 iOS versions prior to 16.2 iPadOS versions prior to 16.2 watchOS versions prior to 9.2 Description: The...